The inventive concept relates generally to methods of detecting attacks by hackers or other external influences. More particularly, the inventive concept relates to methods of detecting attacks that may damage information stored in a central processing unit (CPU) or change the contents of a program memory.
Modern electronic devices commonly incorporate security measures to prevent data theft, tampering, or other interference. For instance, devices storing sensitive customer information, such as smart cards and mobile communication devices, commonly encrypt stored or transmitted data to prevent it from being viewed by unauthorized users. Such devices may also implement system functions to prevent malicious code from interfering with normal hardware and software operations. Some systems even include specialized hardware or compiler based technology to enhance security functions, such as special parity checking components for CPU registers, or uniform branch timing. Although these techniques may increase the fabrication cost of modern devices and interfere with optimal performance of a CPU or other system components, they are commonly deemed necessary to the safe operation of the devices.
One example class of devices that has been the subject of serious security measures is embedded systems, such as credit cards or e-passports having a microprocessor unit (MCU). These devices may need to protect against several different types of attacks, including both electronic attacks as well as physical tampering. As examples, these attacks may include direct accessing of customer information or indirect access of customer information by inducing the MCU to change its operations to expose sensitive information.
To address these issues, product manufacturers have developed a variety of different anti-hacking technologies responsive to electronic or physical threats. As examples, light detectors have been developed to disable a device or execute an emergency routine if the device is opened in a lighted environment, or an inner insulation removal detector or an active shield removal detector to perform a similar function when a device is dismantled.
Unfortunately, conventional attack-detection technologies may not detect attacks in certain environments or in the presence of continual attacks. For example, a hacker may read signal values transmitted through a signal line by probing signals input into/output from the system, and thus, gain access to information in the system using the read signal values. In other instances, a hacker may change program data by using a glitch attack or a power attack at many points in the system through a laser attack. As a result, the hacker may recognize data stored in the program memory, and may change the data stored in the program memory using electric signals.